On Thu, Jul 14, 2011 at 7:50 AM,
<address@hidden> wrote:
On 14.07.2011 14:44, Kenneth Loafman wrote:
>> eventually. i just had a look at the corresponding code
>> duplicity-bin::get_passphrase. with the latest duplicity you should
>> be asked two times ("Input/Retype") for each key
>> (Signing/Encryption). Isn't that so? You could post an obfuscated
>> output log of a run with '-v9' to show what happens.
>
>
> Verifying the password is not absolutely necessary, but saves some
> time if the user inputs the wrong password.
why don't we simply show the password and circumvent the need for verification?
also we should have a check if gpg receiver[0] == sign_key[0], so the pass is not asked two times for the same key on simple one key only setups.